package com.cy.pj.sys.common;

import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.beans.factory.FactoryBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.LinkedHashMap;

/*
 * 有些资源匿名访问，有些可以公开访问*/
@Configuration
public class SpringShiroConfig {
    @Bean
    public DefaultWebSecurityManager securityManager() {
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        return securityManager;


    }

    public FactoryBean shiroFilterFactoryBean(SecurityManager securityManager) {
        ShiroFilterFactoryBean filterFactoryBean = new ShiroFilterFactoryBean();
        LinkedHashMap<String, String> map = new LinkedHashMap<>();
//        不需要认证访问
        map.put("/bower_components/**", "anon");
        map.put("/build/**", "anon");
        map.put("/dist/**", "anon");
        map.put("/plugins/**", "anon");
        map.put("/user/doLogin", "anon");
        map.put("/doLogout", "logout");
//        需要认证访问
        map.put("/**", "authc");
//      将资源是否需要访问的权限放入map中
        filterFactoryBean.setFilterChainDefinitionMap(map);
        //        判断：是否已经经过认证
        filterFactoryBean.setSecurityManager(new DefaultWebSecurityManager());
//        注册页面？
        filterFactoryBean.setLoginUrl("/doLoginUI");

        return filterFactoryBean;
    }
}
